2 min read

The eIDAS Agenda: Innovation, Interoperability and transparency

The eIDAS Agenda: Innovation, Interoperability and transparency

Digital signatures (and the accompanying concepts of encryption and authentication) have been a critical aspect of electronic communications for several years now, and both regulatory bodies and businesses continue to demonstrate a vested interest in the continued growth and advancement of this field.

A popular point of discussion and research among businesses in the EU is eIDAS, the EU regulation on the use of identification and trust services for electronic transactions in the internal market. eIDAS is not only essential for legally compliant digital signatures, but it is also an integral aspect of the EU's technical innovation and progress.

While eIDAS was formally adopted in July 2014, there is still a great deal of innovation and discussion occurring regarding best practices for implementing compliant tools and processes. Therefore, it is critical that executives and security stakeholders understand eIDAS and the implications of this regulation for the future of their business, both in terms of technological investments and for the sake of the growth and security of the business.

 

Where did eIDAS originate?

It's important to consider the source of the eIDAS regulation as a means of comprehending the purpose of the framework and gaining a glimpse of its future direction. eIDAS originated from the European Commission focused on the "Digital Agenda" for Europe. This group ensures that policy and strategy recommendations align with the digital growth that the EU needs to continue to prosper over the next few years.

  • This is the first key point about eIDAS: eIDAS is about innovation.
    • Neither older, less secure technologies nor newer ones that are not sufficiently tested will suffice; eIDAS is meant to push organizations toward the highest levels of innovation and security that exist.

Key Aspects of eIDAS

There are two key ideas around which eIDAS is focused: interoperability and transparency.

  • Interoperability - eIDAS is intended to ensure that (trusted) electronic IDs and signatures used by one country are recognized and easily usable within the electronic environment of another country.
    • As part of eIDAS, member nations are required to develop a common framework upon which member states can recognize the eID of another member state, and ensure its security and authenticity.
    • By establishing a centralized means to recognize digital IDs, it is easier to facilitate cross-border digital signatures and carry out international business needs.
  • Transparency - eIDAS also involves clearly identifying a widely-available list of trusted services that can be used in the context of a centralized signing framework. 
    • Transparency allows all EU security stakeholders to engage in dialogue regarding the most secure and widely accepted tools and technologies for digital signatures.
    • As part of the directives on transparency, the specific formats that are recognized by the public sectors within member states are also specified.

What's Next?

There are several ways that decision-makers and stakeholders can help the eIDAS initiative (and their organization) move forward:

eIDAS is just one element of the exciting technological innovations that are to come for the EU and its businesses through future similar dialogues and frameworks. Organizations must understand eIDAS and its intentions and key goals in order to be part of the next-generation technology era in the EU.

There are numerous resources available for those who wish to further research the technical details of eIDAS. It is certainly not wasted time to further explore this revolutionary framework.

 

New Call-to-action

References and Further Reading

Cover image: courtesy of Plantronics Germany, Flickr